Monthly Archives: September 2007

Webscarab Tutorial Part 3 (fuzzing)

Tuesday, September 25th, 2007

Part 2 covered the neat functionality of session ID analysis within Webscarab. Now we’ll focus on another great function within Webscarab, fuzzing. I define fuzzing as testing the input of an application by trying various parameters that the input may not expect. These parameters don’t have to be random, in my opinion […]

Filed in http, proxy, SQL injection | | Permalink | Comments (43)

Defcon 15 videos released early

Thursday, September 6th, 2007

A good friend of mine named Eric Jenko, who is also in web application security, sent me a link this morning to RoySAC’s blog that contains videos of Defcon 15. Now Defcon does release videos of their presentations but it does take them some time to do so. Luckily Carsten over at RoySAC […]

Filed in Uncategorized | | Permalink | Comments (7)